VYPR

rpm package

opensuse/wireshark&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed

Vulnerabilities (540)

  • CVE-2013-3555May 25, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2013-2488Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers wri

  • CVE-2013-2487Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, rela

  • CVE-2013-2486Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop)

  • CVE-2013-2485Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

  • CVE-2013-2484Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2013-2483Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D

  • CVE-2013-2482Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

  • CVE-2013-2481Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (appl

  • CVE-2013-2480Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2013-2479Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data.

  • CVE-2013-2478Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malfor

  • CVE-2013-2477Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2013-2476Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short.

  • CVE-2013-2475Mar 7, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2013-1590Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2013-1589Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2013-1588Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet

  • CVE-2013-1587Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2013-1586Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via

Page 23 of 27